The Center for Internet Security (CIS) released the first version of the CIS Benchmark for Red Hat Enterprise Linux (RHEL) 9 on Nov 28, 2022, providing a set of 255 recommended security controls organized in two different levels for RHEL 9 servers and workstations.
CIS Benchmarks for RHEL are created in a collaborative and transparent way in the CIS community, where the active participation of Red Hat engineers contributes to high quality standards aligned to the best practices for RHEL while also bringing value to Fedora and other community Linux distributions. The Red Hat Security Compliance team quickly worked on this first released version of the CIS Benchmark for RHEL 9, ultimately providing Red Hat customers with automation capabilities to meet the CIS requirements.
The CIS Benchmark for RHEL 9 provides a comprehensive set of security controls and configuration recommendations to help protect RHEL 9 systems. The new profile based on this benchmark has been available to Red Hat customers in the scap-security-guide package since version 0.1.66. It allows organizations to automate the process of configuring and monitoring their RHEL 9 systems for compliance directly via OpenSCAP or through integrations in Anaconda, Image Builder, Insights and Satellite.
The most recent improvements in this new CIS profile, already available for RHEL 9 customers in scap-security-guide version 0.1.69, automates 99% of the benchmark requirements, including controls for network security, system hardening, logging and monitoring, and access control. By using the CIS profile for RHEL 9, Red Hat customers can check and more easily remediate their systems to achieve a high level of compliance with the CIS Benchmark, allowing their organizations to reduce their attack surface and improve their overall security posture.
For already installed systems, the OpenSCAP scanner can be directly used with the CIS profile for RHEL 9 to automate the process of scanning RHEL 9 systems, generating reports, and remediating eventual compliance gaps. Alternatively, Red Hat customers can also use the profile via Red Hat Insights and Red Hat Satellite integrations or during the installation of RHEL systems.
The release of the CIS profile for RHEL 9 with 99% of the benchmark requirements automated is a significant milestone in the effort to improve the security posture of RHEL in alignment with CIS. Organizations can now use this profile to automate the process of configuring and monitoring their RHEL 9 systems for compliance with minimal manual effort, helping to reduce their risks of cyber threats.
Red Hat continues to support valuable resources in the CIS community and other benchmarks to improve compliance with regulatory and industry-specific requirements.
Sull'autore
Marcus Burghardt is a Senior Software Engineer on the Red Hat Enterprise Linux (RHEL) Security Compliance team. Marcus joined Red Hat in 2021. Since then, he has primarily focused on developing automated security content used by organizations to accelerate the adoption of security policies. He was previously a Red Hat Instructor and Examiner involved with different Red Hat technologies, but also has experience in Security Management, Cryptography, and Consulting.
Altri risultati simili a questo
Ricerca per canale
Automazione
Novità sull'automazione IT di tecnologie, team e ambienti
Intelligenza artificiale
Aggiornamenti sulle piattaforme che consentono alle aziende di eseguire carichi di lavoro IA ovunque
Hybrid cloud open source
Scopri come affrontare il futuro in modo più agile grazie al cloud ibrido
Sicurezza
Le ultime novità sulle nostre soluzioni per ridurre i rischi nelle tecnologie e negli ambienti
Edge computing
Aggiornamenti sulle piattaforme che semplificano l'operatività edge
Infrastruttura
Le ultime novità sulla piattaforma Linux aziendale leader a livello mondiale
Applicazioni
Approfondimenti sulle nostre soluzioni alle sfide applicative più difficili
Serie originali
Raccontiamo le interessanti storie di leader e creatori di tecnologie pensate per le aziende
Prodotti
- Red Hat Enterprise Linux
- Red Hat OpenShift
- Red Hat Ansible Automation Platform
- Servizi cloud
- Scopri tutti i prodotti
Strumenti
- Formazione e certificazioni
- Il mio account
- Supporto clienti
- Risorse per sviluppatori
- Trova un partner
- Red Hat Ecosystem Catalog
- Calcola il valore delle soluzioni Red Hat
- Documentazione
Prova, acquista, vendi
Comunica
- Contatta l'ufficio vendite
- Contatta l'assistenza clienti
- Contatta un esperto della formazione
- Social media
Informazioni su Red Hat
Red Hat è leader mondiale nella fornitura di soluzioni open source per le aziende, tra cui Linux, Kubernetes, container e soluzioni cloud. Le nostre soluzioni open source, rese sicure per un uso aziendale, consentono di operare su più piattaforme e ambienti, dal datacenter centrale all'edge della rete.
Seleziona la tua lingua
Red Hat legal and privacy links
- Informazioni su Red Hat
- Opportunità di lavoro
- Eventi
- Sedi
- Contattaci
- Blog di Red Hat
- Diversità, equità e inclusione
- Cool Stuff Store
- Red Hat Summit